Pinned Repositories
el-injection-example-app
A simple example application to exercise EL injections
evilarc
Create tar/zip archives that can exploit directory traversal vulnerabilities
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
msflint
A lint tool for the metasploit framework
pwnworks
Exploitation challenges for CTF
stickerz
A flask messaging app that is vulnerable to XSS/CSRF
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
h0ng10's Repositories
h0ng10/evilarc
Create tar/zip archives that can exploit directory traversal vulnerabilities
h0ng10/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
h0ng10/el-injection-example-app
A simple example application to exercise EL injections
h0ng10/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
h0ng10/pwnworks
Exploitation challenges for CTF
h0ng10/stickerz
A flask messaging app that is vulnerable to XSS/CSRF
h0ng10/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
h0ng10/Ajax.NET-Professional
Ajax.NET Professional (AjaxPro) is one of the first AJAX frameworks available for Microsoft ASP.NET and is working with many .NET frameworks starting with v1.1. The framework will create proxy classes that are used on client-side JavaScript to invoke methods on the web server with full data type support working on all common web browsers including mobile devices.
h0ng10/awesome-log4shell
An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒
h0ng10/canape
CANAPE Network Testing Tool
h0ng10/CVE-2023-28432_docker
Test environments for CVE-2023-28432, information disclosure in MinIO clusters
h0ng10/dhtmlxganttservice
A minimal implementation of the REST service that is used by dhtmlxgantt. Based on Python/Flask
h0ng10/frida-ipa-dump
Yet another frida based iOS dumpdecrypted
h0ng10/git-ftp
Uses Git to upload only changed files to FTP servers.
h0ng10/hibernate-orm
Hibernate's core Object/Relational Mapping functionality
h0ng10/InfoSec-Black-Friday
All the deals for InfoSec related software/tools this Black Friday
h0ng10/jackson-rce-via-spel
An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
h0ng10/metasploit-framework
Metasploit Framework
h0ng10/metasploit-payloads
Unified repository for different Metasploit Framework payloads
h0ng10/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
h0ng10/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
h0ng10/rogue-jndi
A malicious LDAP server for JNDI injection attacks
h0ng10/Shuffle
Shuffle: The automation platform for your security stack
h0ng10/sigma
Generic Signature Format for SIEM Systems
h0ng10/sliver
Adversary Emulation Framework
h0ng10/tsunami-security-scanner-plugins
This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
h0ng10/TwelveMonkeys
TwelveMonkeys ImageIO: Additional plug-ins and extensions for Java's ImageIO
h0ng10/typemonkey
h0ng10/update-systemd-resolved
Helper script for OpenVPN to directly update the DNS settings of a link through systemd-resolved via DBus.
h0ng10/VulHint
VulHint - Static code audit support for sublime text 3